OData endpoint rejecting a set adal4j token

I managed to configure adal4j and the OAuth Authentication service and successfully get the access token using the uri access token credentials https://login.windows.net/$tenantId/oauth2/token.

Here is the process of obtaining a token:

val context = new AuthenticationContext("https://login.windows.net/$tenantId/oauth2/token", true, Executor)
val creds = new ClientCredential("CLIENT_ID", "CLIENT_SECRET")
val result = context.acquireToken("https://SANDBOX.crm.dynamics.com", creds, null).get()
result.getAccessToken

Token is in format stuff.stuff.stuff.

I found the tenant id (obviously a GUID) using this URL: https://login.windows.net/ORG.onmicrosoft.com/.well-known/openid-configuration

Now I am unable to use this token with the OData endpoint.

Request:

curl --head -X GET https://SANDBOX.crm.dynamics.com/XRMServices/2011/OrganizationData.svc/AccountSet -H 'Authorization: Bearer ACCESSTOKEN' -H 'Accept: application/json' -H 'DataServiceVersion: 3.0'

Response:

HTTP/1.1 302 Found
Location: https://login.microsoftonline.com/login.srf?wa=wsignin1.0&wtrealm=https%3a%2f%2fdynamicscrmna.accesscontrol.windows.net%2f&wctx=pr%3dwsfederation%26rm%3dhttps%253a%252f%252fSANDBOX.crm.dynamics.com%252f%26ry%3dhttps%253a%252f%252fSANDBOX.crm.dynamics.com%252fXRMServices%252f2011%252fOrganizationData.svc%252fAccountSet&wct=2015-05-07T16%3a00%3a47Z&wreply=https%3a%2f%2fdynamicscrmna.accesscontrol.windows.net%2fv2%2fwsfederation&Popupui=1
WWW-Authenticate: Bearer error=invalid_token, error_description=Error during token validation!, redirect_uri=https%3a%2f%2flogin.windows.net%2fcommon%2fwsfed, realm=Microsoft.CRM

My token seems to be invalid, but what does it mean? Could I be using the wrong tenant ID? Is OAuth access disabled or not configured for the OData endpoint? Is this a sandbox issue?


+4
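A diagnostic for an `invalid_token` challenge like the one in the question, added here as an example and not part of the original post: it parses the `WWW-Authenticate` parameters and decodes the token's claims (without verifying the signature) to compare `aud`, `tid` and `exp` with what the caller expected. The function names, the placeholder tenant GUID and the sample token are constructed for illustration.

```python
import base64
import json
import time


def parse_challenge(header: str) -> dict:
    # Split the unquoted "k=v, k=v" parameters of a Bearer challenge value.
    scheme, _, params = header.partition(" ")
    pairs = (p.split("=", 1) for p in params.split(", ") if "=" in p)
    return {"scheme": scheme, **{k.strip(): v.strip() for k, v in pairs}}


def jwt_claims(token: str) -> dict:
    # Inspection only: the signature is NOT verified, so this must never
    # feed an authorization decision.
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def diagnose(token, resource, tenant_id, now=None) -> list:
    """Names of claims that do not match what the caller expected."""
    claims = jwt_claims(token)
    now = time.time() if now is None else now
    aud = claims.get("aud", [])
    auds = aud if isinstance(aud, list) else [aud]
    want = resource.rstrip("/").lower()
    problems = []
    if want not in [str(a).rstrip("/").lower() for a in auds]:
        problems.append("aud")
    if str(claims.get("tid", "")).lower() != tenant_id.lower():
        problems.append("tid")
    if claims.get("exp", 0) <= now:
        problems.append("exp")
    return problems


def _seg(obj) -> str:
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample token (placeholder tenant GUID, fake signature segment).
TENANT = "00000000-0000-0000-0000-000000000000"
CLAIMS = {"aud": "https://SANDBOX.crm.dynamics.com/", "tid": TENANT, "exp": 2000000000}
TOKEN = ".".join([_seg({"alg": "RS256"}), _seg(CLAIMS), "sig"])

if __name__ == "__main__":
    print(diagnose(TOKEN, "https://SANDBOX.crm.dynamics.com", TENANT))
```

An empty list means the three claims match the expectation; it says nothing about whether the signature or issuer would pass the resource's own validation.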
